Lucene search
K

773 matches found

Vulnrichment
Vulnrichment
added 2026/04/08 7:11 p.m.6 views

CVE-2026-23869

A denial of service vulnerability exists in React Server Components, affecting the following packages: react-server-dom-parcel, react-server-dom-turbopack and react-server-dom-webpack versions 19.0.0 through 19.0.4, 19.1.0 through 19.1.5, and 19.2.0 through 19.2.4. The vulnerability is triggered ...

7.5CVSS5.9AI score0.01551EPSS
Exploits4References1
Cvelist
Cvelist
added 2026/04/08 7:11 p.m.20 views

CVE-2026-23869

A denial of service vulnerability exists in React Server Components, affecting the following packages: react-server-dom-parcel, react-server-dom-turbopack and react-server-dom-webpack versions 19.0.0 through 19.0.4, 19.1.0 through 19.1.5, and 19.2.0 through 19.2.4. The vulnerability is triggered ...

7.5CVSS0.01551EPSS
Exploits4References1
RedHat Linux
RedHat Linux
added 2026/04/08 1:58 p.m.4 views

brace-expansion: brace-expansion: Denial of Service via unbounded brace range expansion

A flaw was found in the brace-expansion component. This denial of service DoS vulnerability allows a remote attacker to provide specially crafted input containing repeated numeric brace ranges. This input causes the library to attempt an unbounded expansion, consuming excessive CPU and memory...

9.2CVSS5.9AI score0.00481EPSS
Exploits0References5
OSV
OSV
added 2026/04/08 7:12 a.m.2 views

SUSE-SU-2026:1209-1 Security update for bind

This update for bind fixes the following issues: - CVE-2026-1519: high CPU load during insecure delegation validation due to excessive NSEC3 iterations bsc1260805...

7.5CVSS5.8AI score0.01545EPSS
Exploits0References3
OSV
OSV
added 2026/04/07 10:16 p.m.19 views

UBUNTU-CVE-2026-35406

Aardvark-dns is an authoritative dns server for A/AAAA container records. From 1.16.0 to 1.17.0, a truncated TCP DNS query followed by a connection reset causes aardvark-dns to enter an unrecoverable infinite error loop at 100% CPU. This vulnerability is fixed in 1.17.1...

7.5CVSS5.8AI score0.00383EPSS
Exploits0References5
Snyk
Snyk
added 2026/04/02 6:20 p.m.5 views

Denial of Service (DoS)

Overview rack is a minimal, modular and adaptable interface for developing web applications in Ruby. By wrapping HTTP requests and responses in the simplest way possible, it unifies and distills the API for web servers, web frameworks, and software in between the so-called middleware into a singl...

8.7CVSS6AI score0.0043EPSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2026/04/01 10:11 a.m.9 views

Security Bulletin: IBM Cloud Pak for Data System (CPDS 1.0) is affected by multiple vulnerabilities due to urllib3

Summary The urllib3 library is used by IBM Cloud Pak for Data System 1.0 to provide HTTP client functionality for Python applications. Multiple vulnerabilities affect urllib3. CVE-2025-66418 involves allocation of resources without limits or throttling. CVE-2025-66471 and CVE-2026-21441 both rela...

8.9CVSS6.9AI score0.02667EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/04/01 12:0 a.m.6 views

Amazon Linux 2023 : bind, bind-chroot, bind-devel (ALAS2023-2026-1533)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1533 advisory. If a BIND resolver is performing DNSSEC validation and encounters a maliciously crafted zone, the resolver may consume excessive CPU. Authoritative-only servers are generally unaffected, although there...

7.5CVSS7.4AI score0.01545EPSS
Exploits0References4
Microsoft CVE
Microsoft CVE
added 2026/03/29 8:1 a.m.5 views

Excessive NSEC3 iterations cause high CPU load during insecure delegation validation

...

7.5CVSS5.8AI score0.01545EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/03/28 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2026-27859

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A mail message containing excessive amount of RFC 2231 MIME parameters causes LMTP to use too much CPU. A suitably formatted mail message causes mail delivery...

5.3CVSS5.8AI score0.00374EPSS
Exploits1References3
OSV
OSV
added 2026/03/27 12:0 a.m.5 views

UBUNTU-CVE-2026-27859

A mail message containing excessive amount of RFC 2231 MIME parameters causes LMTP to use too much CPU. A suitably formatted mail message causes mail delivery process to consume large amounts of CPU time. Use MTA capabilities to limit RFC 2231 MIME parameters in mail messages, or upgrade to fixed...

5.3CVSS5.8AI score0.00374EPSS
Exploits1References3
UbuntuCve
UbuntuCve
added 2026/03/27 12:0 a.m.14 views

CVE-2026-27859

A mail message containing excessive amount of RFC 2231 MIME parameters causes LMTP to use too much CPU. A suitably formatted mail message causes mail delivery process to consume large amounts of CPU time. Use MTA capabilities to limit RFC 2231 MIME parameters in mail messages, or upgrade to fixed...

5.3CVSS5.9AI score0.00374EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2026/03/26 5:0 p.m.3 views

CVE-2026-20084

A vulnerability in the DHCP snooping feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause BOOTP packets to be forwarded between VLANs, resulting in a denial of service DoS condition. This vulnerability is due to improper handling of BOOTP packets on Cisco...

8.6CVSS5.8AI score0.00354EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/03/25 4:2 p.m.32 views

CVE-2026-20084

A vulnerability in the DHCP snooping feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause BOOTP packets to be forwarded between VLANs, resulting in a denial of service DoS condition. This vulnerability is due to improper handling of BOOTP packets on Cisco...

8.6CVSS0.00354EPSS
Exploits0References1
OSV
OSV
added 2026/03/25 2:16 p.m.4 views

ALPINE-CVE-2026-1519

If a BIND resolver is performing DNSSEC validation and encounters a maliciously crafted zone, the resolver may consume excessive CPU. Authoritative-only servers are generally unaffected, although there are circumstances where authoritative servers may make recursive queries see:...

7.5CVSS5.8AI score0.01545EPSS
Exploits0References1
OSV
OSV
added 2026/03/25 2:16 p.m.3 views

DEBIAN-CVE-2026-1519

If a BIND resolver is performing DNSSEC validation and encounters a maliciously crafted zone, the resolver may consume excessive CPU. Authoritative-only servers are generally unaffected, although there are circumstances where authoritative servers may make recursive queries see:...

7.5CVSS8.7AI score0.01545EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/03/25 1:25 p.m.2 views

CVE-2026-1519 Excessive NSEC3 iterations cause high CPU load during insecure delegation validation

If a BIND resolver is performing DNSSEC validation and encounters a maliciously crafted zone, the resolver may consume excessive CPU. Authoritative-only servers are generally unaffected, although there are circumstances where authoritative servers may make recursive queries see:...

7.5CVSS5.8AI score0.01545EPSS
Exploits0References4
CVE
CVE
added 2026/03/25 1:25 p.m.63 views

CVE-2026-1519

Impact: BIND 9 DNSSEC resolvers may consume excessive CPU when validating DNSSEC in a malicious zone. Affected product: BIND 9 series (versions 9.11.0–9.16.50, 9.18.0–9.18.46, 9.20.0–9.20.20, 9.21.0–9.21.19, plus 9.11.3-S1–9.16.50-S1, 9.18.11-S1–9.18.46-S1, and 9.20.9-S1–9.20.20-S1). Root cause: ...

7.5CVSS5.8AI score0.01545EPSS
Exploits0References27Affected Software1
Positive Technologies
Positive Technologies
added 2026/03/25 12:0 a.m.10 views

PT-2026-28168

Name of the Vulnerable Software and Affected Versions Rails versions prior to 8.1.2.1 Rails versions prior to 8.0.4.1 Rails versions prior to 7.2.3.1 Description Active Storage, used for attaching cloud and local files in Rails applications, is susceptible to a denial-of-service condition. The...

6.5CVSS5.8AI score0.00434EPSS
Exploits0References21
CNNVD
CNNVD
added 2026/03/25 12:0 a.m.8 views

ISC BIND 9 安全漏洞

ISC BIND 9 is a domain name system software developed by the ISC organization. Vulnerabilities exist in versions of ISC BIND 9 such as 9.16.50 and earlier, 9.18.46 and earlier, 9.20.20 and earlier, 9.21.19 and earlier, 9.16.50-S1 and earlier, 9.18.46-S1 and earlier, and 9.20.20-S1 and earlier...

7.5CVSS7.5AI score0.01545EPSS
Exploits0References5
Rows per page
Query Builder